KuppingerCole Report Reviews IT GRC Market and Cites MetricStream as a Pioneer

MetricStream today announced that it has been named as a company with
strong IT Governance, Risk, and Compliance (GRC) solutions in the
KuppingerCole Vendor Report titled “MetricStream:
Bridging the Gap Between Business GRC and IT GRC.” The report has
been published by KuppingerCole, a leading Europe-based analyst company
for information security both in classical and cloud environments.

Analyzing the IT GRC industry, the KuppingerCole report brings out the
security and compliance challenges that organizations face due to the
increased use of virtualization technologies and external IT services,
as well as emerging and evolving compliance requirements. According to
the report, “organizations are in a situation where they are confronted
with exponential changes regarding outward-facing processes, users, and
external IT services used.” What organizations require today is an IT
GRC solution that is agile to business changes, integrates with
enterprise GRC, manages evolving risks related to information security
and compliance, and monitors business performance.

IT and cyber security risks are a growing concern for most European
organizations. With therise in media attention on privacy and
data breaches, European companies are becoming aware of the risk of a
data leak ending up in today’s more intense news environment and its
impact on business.

Having evaluated the IT GRC market, KuppingerCole says that
MetricStream’s strong and integrated portfolio of GRC solutions comes
with well-defined controls, security features that address risks and
threats arising from social, cloud and virtualization technologies, and
capabilities that enable organizations to merge Information Security, IT
Risks, and Enterprise GRC to drive business performance.

Says Vasant Balasubramanian, Vice President of Product Management at
MetricStream, “KuppingerCole’s report is a testimony to our rich
capabilities in IT GRC, and the innovations we have brought to the
market to address complex security and compliance risks in an
increasingly virtualized and mobile world. MetricStream’s
IT GRC solutions enable organizations to harmonize GRC processes
across the enterprise, align IT GRC with enterprise GRC processes,andintegrate bottom-up IT control processes with top-down risk
intelligence.”

With the acquisition of vPanorama cloud GRC technology, MetricStream is
enabling its customers to seamlessly manage regulatory compliance,
privacy requirements, security threats, vulnerability risks, and
performance metrics across the entire spectrum of virtual assets in the
cloud, as well as on-premise virtual infrastructure.

CIO, CTO & Developer Resources

Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, says,
“From the IT perspective, GRC has moved from technical system-oriented
approaches towards information and service governance. We found
MetricStream’s IT GRC solutions to be well-thought and mature based on
parameters such as security, functionality, usability, integration
capability, and interoperability. The platform also supports business
requirements and integrates with other IT security and GRC point
solutions to provide a complete enterprise GRC approach.”

The report also recommends that organizations looking for GRC solutions
carefully evaluate GRC solution vendors. As per the report, “There are
different vendors with fundamentally different offerings. While some
provide Enterprise GRC solutions focusing on specific aspects of
business, ignoring IT GRC, there are others who provide Enterprise GRC
that support IT controls and integrate with specific IT GRC solutions.
Organizations therefore need to evaluate and analyze GRC vendors based
on whether the vendor’s roadmap is aligned with the evolutions in the
business landscape and if the current offerings are mature enough to
support the changing business requirements of organizations.”

Mr. Balasubramanian also goes on to say, “MetricStream has a strong
track record in providing IT GRC solutions in the European market, the
most recent being the implementation of the solution by one of the
world's largest international online sports betting services provider.
This is attributed to MetricStream’s understanding of the global markets
and the specific GRC needs of organizations in different locations.”

MetricStream is a market leader in Enterprise-wide Governance, Risk,
Compliance (GRC) and Quality Management Solutions for global
corporations. MetricStream solutions are used by leading corporations
such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems,
Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries
such as Financial Services, Healthcare, Life Sciences, Energy and
Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to
manage their risk management programs, quality processes, regulatory and
industry-mandated compliance and corporate governance initiatives, as
well as several million compliance professionals worldwide via the www.ComplianceOnline.com
portal. MetricStream is headquartered in Palo Alto, California with
European offices in London, Paris, Milan and Basel and can be reached at www.metricstream.com.

Cloud computing budgets worldwide are reaching into the hundreds of billions of dollars, and no organization can survive long without some sort of cloud migration strategy. Each month brings new announcements, use cases, and success stories.